General

  • Target

    ef56da90fb206f02ba06a8db511d2b75d0516cf10a328c187f94e5cf7db4744e

  • Size

    521KB

  • Sample

    221129-jzarsaba39

  • MD5

    39fa0ba6c2b47d639e4ca5737c14bb48

  • SHA1

    fa73b33f300f9f95e6b40195a353d29f9b2e2600

  • SHA256

    ef56da90fb206f02ba06a8db511d2b75d0516cf10a328c187f94e5cf7db4744e

  • SHA512

    941cc488134ae0bbe0af29494eb7fb424faf3b5a47a1062559db89986ebe553ec7c976274fde9d3023d7ea759fc03b54ef6b69cede282d7aa925326d80a62d0c

  • SSDEEP

    3072:TdVd2Hayox1aMrpN3HipUGq0IFmQZb++tdgIm/JFP9wx+vlqf0UxHfITGU+2wFFy:5uHOTGFrQZb++tdsHP4+QfI6UFE2E4

Score
10/10

Targets

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
